package com.wjk.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/**
 * @author: RobertWei
 * time: 2021/8/13    11:18
 * @TODO:
 */

public class AuthorizationDemo {
    public static void main(String[] args) {

        //1.创建securityManager
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        SecurityManager instance = factory.getInstance();
        SecurityUtils.setSecurityManager(instance);


        //2.获取Subject进行认证

        Subject subject = SecurityUtils.getSubject();

        //3.认证检查

        UsernamePasswordToken token = new UsernamePasswordToken("ergouzi", "123");

        try {
            subject.login(token);
        } catch (AuthenticationException e) {
            System.out.println("认证失败!");
        }

        //4.认证授权

        if (subject.isAuthenticated()) {
            //认证成功


            /**
             * 授权:
             *      1.通过角色的角度进行授权操作
             *      2.通过权限的角度进行授权操作
             */

            /**
             * 1.
             */
            //单一角色检查
            boolean teacher = subject.hasRole("teacher");
            System.out.println("teacher = " + teacher);

            List<String> roles = new ArrayList<>();
            roles.add("teacher");
            roles.add("admin");
            boolean[] booleans = subject.hasRoles(roles);
            System.out.println("booleans = " + Arrays.toString(booleans));

            boolean b = subject.hasAllRoles(roles);

            /**
             * check系列
             */

            try {
                subject.checkRole("aa");
            } catch (AuthorizationException e) {
                System.out.println("没有aa角色");
            }

            try {
                //and  关系
                subject.checkRoles("aa","teacher");
            } catch (AuthorizationException e) {
                System.out.println("没有aa/teacher角色");
            }

            try {
                //and  关系
                subject.checkRoles(roles);
            } catch (AuthorizationException e) {
                System.out.println("没有admin/teacher角色");
            }


            /**
             * 权限检查
             *  is  返回boolean
             */


            boolean[] permitted = subject.isPermitted("a", "f", "h");
            System.out.println("permitted = " + Arrays.toString(permitted));

            /**
             * check   在过程中调用is方法
             */

            try {
                subject.checkPermissions("a","b");
                System.out.println("有a/b角色");
            } catch (AuthorizationException e) {
                System.out.println("没有a/b角色");
            }

        }


    }
}
